[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3



commit 2cadd93cea374664f151e945549b95f0b1f49b00
Merge: 75b95e1c8 5b04392c1
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Fri Sep 21 09:35:51 2018 -0400

    Merge branch 'maint-0.3.2' into maint-0.3.3

 changes/bug27316         |  3 +++
 src/or/protover.c        | 17 ++++++++++++++++-
 src/test/test_protover.c |  4 ++++
 3 files changed, 23 insertions(+), 1 deletion(-)

diff --cc src/or/protover.c
index 5145881ba,ebaca07ba..a63c2eb02
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@@ -203,15 -206,10 +214,20 @@@ parse_single_entry(const char *s, cons
    if (equals == s)
      goto error;
  
 +  /* The name must not be longer than MAX_PROTOCOL_NAME_LENGTH. */
 +  if (equals - s > (int)MAX_PROTOCOL_NAME_LENGTH) {
 +    log_warn(LD_NET, "When parsing a protocol entry, I got a very large "
 +             "protocol name. This is possibly an attack or a bug, unless "
 +             "the Tor network truly supports protocol names larger than "
 +             "%ud characters. The offending string was: %s",
 +             MAX_PROTOCOL_NAME_LENGTH, escaped(out->name));
 +    goto error;
 +  }
++
+   /* The name must contain only alphanumeric characters and hyphens. */
+   if (!is_valid_keyword(s, equals-s))
+     goto error;
+ 
    out->name = tor_strndup(s, equals-s);
  
    tor_assert(equals < end_of_entry);
@@@ -919,5 -791,3 +935,4 @@@ protover_free_all(void
    }
  }
  
 +#endif /* !defined(HAVE_RUST) */
- 



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits